From nobody Mon Jan 20 13:55:13 2025
Date: Mon, 20 Jan 2025 13:55:13 GMT
Message-Id: <202501201355.50KDtDJh030790@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mark Johnston
Subject: git: 5b86888bae65 - main - ktrace: Fix uninitialized memory disclosure
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 5b86888bae651e54ccc0adde0ed897ec1c1e0d45

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=5b86888bae651e54ccc0adde0ed897ec1c1e0d45

commit 5b86888bae651e54ccc0adde0ed897ec1c1e0d45
Author:     Mark Johnston
AuthorDate: 2025-01-20 13:50:04 +0000
Commit:     Mark Johnston
CommitDate: 2025-01-20 13:54:49 +0000

    ktrace: Fix uninitialized memory disclosure

    The sockaddr passed to ktrcapfail() may be smaller than sizeof(struct
    sockaddr), and the trailing bytes in the sockaddr structure will be
    uninitialized, whereupon they get copied out to userspace.

    PR:		283673
    Reviewed by:	jfree, emaste
    Reported by:	Yichen Chai
    Reported by:	Zhuo Ying Jiang Li
    Fixes:		9bec84131215 ("ktrace: Record detailed ECAPMODE violations")
    MFC after:	3 days
    Differential Revision:	https://reviews.freebsd.org/D48499
---
 sys/kern/kern_ktrace.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 7a31fe234cb5..a67b773a154c 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -973,9 +973,16 @@ ktrcapfail(enum ktr_cap_violation type, const void *data) case CAPFAIL_PROTO: kcd->cap_int = *(const int *)data; break; - case CAPFAIL_SOCKADDR: - kcd->cap_sockaddr = *(const struct sockaddr *)data; + case CAPFAIL_SOCKADDR: { + size_t len; + + len = MIN(((const struct sockaddr *)data)->sa_len, + sizeof(kcd->cap_sockaddr)); + memset(&kcd->cap_sockaddr, 0, + sizeof(kcd->cap_sockaddr)); + memcpy(&kcd->cap_sockaddr, data, len); break; + } case CAPFAIL_NAMEI: strlcpy(kcd->cap_path, data, MAXPATHLEN); break;
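Review bot: the copy length in the new CAPFAIL_SOCKADDR case is taken from sa_len inside the caller's own buffer, so the fix is only sound when every caller passes a sockaddr whose sa_len does not exceed the bytes actually backing data; an oversized sa_len would turn the old uninitialized read into an out-of-bounds read capped only by sizeof(kcd->cap_sockaddr). A one-line comment above `len = MIN(((const struct sockaddr *)data)->sa_len,` stating that callers must hand in a sa_len-consistent sockaddr would make that contract explicit. The same MIN also means any address longer than struct sockaddr (a sockaddr_in6, for instance) is silently truncated in the trace record, as it was before the change; worth saying in that comment so consumers of the record do not mistake a truncated address for a complete one.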
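The bug class the commit message describes, whole-struct assignment from a sockaddr that is shorter than struct sockaddr, shown as an added example that is not part of the commit or of FreeBSD's own code. It uses a local struct that mirrors the FreeBSD sockaddr layout (sa_len first, 16 bytes in total; an assumption made so the example builds with any C toolchain), a constructed 32-byte caller buffer pre-filled with a 0xAA marker standing in for stale kernel memory, and function, struct and macro names that are all invented for the example. It also goes one step beyond the commit's case by feeding in a sockaddr_in6-sized address to show that both the old and the new copy truncate it to the record field.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Local stand-in for FreeBSD's struct sockaddr (assumption: same layout,
 * sa_len first, 16 bytes total), defined here so the example does not
 * depend on a BSD <sys/socket.h>.
 */
struct bsd_sockaddr {
	uint8_t sa_len;
	uint8_t sa_family;
	char	sa_data[14];
};

/* Stand-in for the ktrace record that is later copied out to userspace. */
struct cap_record {
	struct bsd_sockaddr cap_sockaddr;
};

#define STALE	0xAA	/* marker for bytes nobody initialised */
#define BUFSZ	32	/* constructed caller buffer, larger than the record */
#define MINLEN(a, b)	((a) < (b) ? (a) : (b))

/* Pre-fix behaviour: struct assignment always copies sizeof(*dst) bytes. */
static void
record_vulnerable(struct cap_record *kcd, const void *data)
{
	kcd->cap_sockaddr = *(const struct bsd_sockaddr *)data;
}

/* Post-fix behaviour: honour sa_len, cap at the field size, zero the rest. */
static void
record_fixed(struct cap_record *kcd, const void *data)
{
	size_t len;

	len = MINLEN(((const struct bsd_sockaddr *)data)->sa_len,
	    sizeof(kcd->cap_sockaddr));
	memset(&kcd->cap_sockaddr, 0, sizeof(kcd->cap_sockaddr));
	memcpy(&kcd->cap_sockaddr, data, len);
}

/*
 * Constructed input: every byte of the buffer is STALE, then a sockaddr of
 * sa_len bytes is written over the front. Whatever lies past sa_len plays
 * the role of uninitialised kernel memory.
 */
static void
make_sockaddr(unsigned char buf[BUFSZ], uint8_t sa_len)
{
	if (sa_len < 2)
		sa_len = 2;
	if (sa_len > BUFSZ)
		sa_len = BUFSZ;
	memset(buf, STALE, BUFSZ);
	buf[0] = sa_len;
	buf[1] = 1;				/* sa_family, AF_UNIX on FreeBSD */
	memset(buf + 2, 'x', (size_t)sa_len - 2);	/* sa_data payload */
}

/* How many STALE bytes ended up in the record, i.e. would be disclosed. */
static size_t
count_stale(const struct cap_record *kcd)
{
	const unsigned char *p = (const unsigned char *)&kcd->cap_sockaddr;
	size_t n = 0;

	for (size_t i = 0; i < sizeof(kcd->cap_sockaddr); i++)
		if (p[i] == STALE)
			n++;
	return (n);
}

size_t
leaked_bytes_vulnerable(uint8_t sa_len)
{
	unsigned char buf[BUFSZ];
	struct cap_record kcd;

	make_sockaddr(buf, sa_len);
	record_vulnerable(&kcd, buf);
	return (count_stale(&kcd));
}

size_t
leaked_bytes_fixed(uint8_t sa_len)
{
	unsigned char buf[BUFSZ];
	struct cap_record kcd;

	make_sockaddr(buf, sa_len);
	record_fixed(&kcd, buf);
	return (count_stale(&kcd));
}

int
main(void)
{
	/* An 8-byte sockaddr: the old copy drags 16 - 8 stale bytes along. */
	printf("sa_len=8:  vulnerable leaks %zu bytes, fixed leaks %zu\n",
	    leaked_bytes_vulnerable(8), leaked_bytes_fixed(8));
	/* A 28-byte address is truncated to the 16-byte field either way. */
	printf("sa_len=28: vulnerable leaks %zu bytes, fixed leaks %zu\n",
	    leaked_bytes_vulnerable(28), leaked_bytes_fixed(28));
	return (0);
}
```

The leak size is simply sizeof(struct sockaddr) minus sa_len, which is why a short AF_UNIX address makes the most convenient trigger; the fixed path zeroes the field before the bounded memcpy, so the record never carries bytes the caller did not supply.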